134 lines
5.4 KiB
Plaintext
134 lines
5.4 KiB
Plaintext
==Phrack Inc.==
|
|
|
|
Volume 0x0b, Issue 0x3c, Phile #0x04 of 0x10
|
|
|
|
|=--------------------=[ T O O L Z A R M O R Y ]=----------------------=|
|
|
|=-----------------------------------------------------------------------=|
|
|
|=---------=[ packetstorm <http://www.packetstormsecurity.org> ]=-------=|
|
|
|
|
|
|
This new section, Phrack Toolz Armory, is dedicated to tool annoucements.
|
|
We will showcast selected tools of relevance to the computer underground
|
|
which have been released recently. The tools for #60 have been selected
|
|
in teamwork by the Packet Storm staff and Phrack staff.
|
|
|
|
Drop us a mail if you develop something that you think is worth of being
|
|
mentioned here.
|
|
|
|
1 - nmap 3.1 Statistics Patch
|
|
2 - thc-rut
|
|
3 - Openwall GNU/*/Linux (Owl) 1.0
|
|
4 - Stealth Kernel Patch
|
|
5 - Memfetch
|
|
6 - Lcrzoex
|
|
|
|
----[ 1 - NMAP 3.1 Statistics Patch
|
|
|
|
URL : http://packetstormsecurity.org/UNIX/nmap/nmap-3.10ALPHA4_statistics-1.diff
|
|
Author : vitek[at]ixsecurity.com
|
|
Comment : The Nmap 3.10ALFA Statistics Patch adds the -c switch which
|
|
guesses how much longer the scan will take, shows how many ports
|
|
have been tested, resent, and the ports per second rate. Useful
|
|
for scanning firewalled hosts.
|
|
|
|
|
|
----[ 2 - thc-rut
|
|
|
|
URL : http://www.thehackerschoice.com/thc-rut
|
|
Author : anonymous[at]segfault.net
|
|
Comment : RUT (aRe yoU There, pronouced as 'root') is your first knife on
|
|
foreign network. It gathers informations from local and remote
|
|
networks.
|
|
|
|
It offers a wide range of network discovery utilities
|
|
like arp lookup on an IP range, spoofed DHCP request, RARP,
|
|
BOOTP, ICMP-ping, ICMP address mask request, OS fingerprinting,
|
|
high-speed host discovery, ...
|
|
|
|
THC-RUT comes with a OS host Fingerprinter which determines the
|
|
remote OS by open/closed port characteristics, banner matching
|
|
and nmap fingerprinting techniques (T1, tcpoptions).
|
|
|
|
The fingerprinter has been developerd to quickly (10mins)
|
|
categorize hosts on a Class B network. Information sources are
|
|
(amoung others) SNMP replies, telnetd (NVT) negotiation options,
|
|
generic Banner Matching, HTTP-Server version, DCE request and
|
|
tcp options. It is compatible to the nmap-os-fingerprints
|
|
database and comes in addition to this with his own perl regex
|
|
capable fingerprinting database (thcrut-os-fingerprints).
|
|
|
|
|
|
----[ 3 - Openwall GNU/*/Linux (Owl) 1.0 (Released 2002-10-13)
|
|
|
|
URL : http://www.openwall.com/Owl
|
|
Author : Solar Designer and other hackers.
|
|
Comment : Openwall Linux is the Hacker's choice platform. The security
|
|
has been defined by people who know what they are doing. Owl
|
|
comes without any useless services running by default, no RPM
|
|
dependencies headache, full featured environment for
|
|
developers, a large number of usefull tools and a BSD-port-like
|
|
update mechanism. It's for people who prefer vi over
|
|
click/drag-and-drop sickness to configure the system.
|
|
|
|
Openwall GNU/*/Linux (Owl) includes a pre-built copy of John
|
|
the Ripper password cracker ready for use without requiring
|
|
another OS (life system!) and without having to install on a
|
|
hard disk (although that is supported). The CD-booted system
|
|
is fully functional, you may even let it go multi-user with
|
|
virtual consoles and remote shell access.
|
|
|
|
John the Ripper is a fast password cracker, currently
|
|
available for many flavors of Unix (11 are officially
|
|
supported, not counting different architectures), DOS, Win32,
|
|
and BeOS. Its primary purpose is to detect weak Unix
|
|
passwords, but a number of other hash types are supported
|
|
aswell.
|
|
|
|
This is probably the most secure linux distribution out there.
|
|
|
|
|
|
----[ 4 - Stealth Kernel Patch
|
|
|
|
URL : http://packetstormsecurity.org/UNIX/patches/linux-2.2.22-stealth.diff.gz
|
|
Author : Sean Trifero <sean[at]innu.org>
|
|
Comment : The Stealth Kernel Patch for Linux v2.2.22 makes the linux kernel
|
|
discard the packets that many OS detection tools use to query the
|
|
TCP/IP stack. Includes logging of the dropped query packets and
|
|
packets with bogus flags. Does a very good job of confusing nmap
|
|
and queso.
|
|
|
|
|
|
----[ 5 - Memfetch
|
|
|
|
URL : http://packetstormsecurity.org/linux/security/memfetch.tgz
|
|
Author : Michal Zalewski <lcamtuf[at]ghettot.net>
|
|
Comment : Memfetch dumps the memory of a program without disrupting its
|
|
operation, either immediately or on the nearest fault condition
|
|
(such as SIGSEGV). It can be used to examine suspicious or
|
|
misbehaving processes on your system, verify that processes are
|
|
what they claim to be, and examine faulty applications using your
|
|
favorite data viewer so that you are not tied to the inferior
|
|
data inspection capabilities in your debugger.
|
|
|
|
|
|
|
|
----[ 6 - Lcrzoex
|
|
|
|
URL : http://www.laurentconstantin.com/en/lcrzoex/
|
|
http://www.laurentconstantin.com/en/rzobox/ (front end)
|
|
Author : Laurent Constantin <laurent.constantin@aql.fr>
|
|
Comment : Lcrzoex contains over 400 tools to test an Ethernet/IP
|
|
network. It runs under Linux, Windows, FreeBSD, OpenBSD and
|
|
Solaris. Features:
|
|
|
|
- sniff/spoof/replay
|
|
- syslog/ftp/dns/http/telnet clients
|
|
- ping/traceroute
|
|
- web spider
|
|
- tcp/web backdoor
|
|
- data conversion
|
|
|
|
|
|
|=[ EOF ]=---------------------------------------------------------------=|
|
|
|